https://supertokens.com/ logo
Title
k

Kubessandra

11/06/2022, 2:33 PM
Hi All, I have an Issue with supertokens-react-native. When using the signOut function, calling doesSessionExist still return true. Does anybody have the same issue ?
r

rp

11/06/2022, 2:36 PM
hey @Kubessandra
@nkshah2 can help here.
n

nkshah2

11/06/2022, 2:37 PM
Can I see the configuration you provide when calling SuperTokens init?
k

Kubessandra

11/06/2022, 2:44 PM
The one provided in the Doc: the apiDomain with "https://192.168.1.33......." My api domaine is the Nextjs setup. Everything working fine for login or in NextJS.
js
import SuperTokens from 'supertokens-react-native'; 
  
 const init = () => { 
   SuperTokens.init({ 
     apiDomain: 'http://192.168.1.33:3000', 
     apiBasePath: '/api/auth', 
   }); 
 }; 
  
 export { init };
n

nkshah2

11/06/2022, 2:45 PM
And on the backend?
r

rp

11/06/2022, 4:55 PM
Can you print out the request and response headers of the sign out api call somehow? Maybe add a logging middleware on the backend to do this.
k

Kubessandra

11/06/2022, 7:24 PM
Here:
Maybe because of localhost vs 192.168.1.33 ?
This is probably because I'm mixing 192.168.1.33 and localhost for cookieDomain
I said nothing I still have the issue even using 192.168.1.33 everywhere EDIT: setting cookieDomain to 192.168.1.33 is working but the problematic is that now the frontend that use localhost will not work because it will not share the cookies on other domains. Do you have any example how to share cookie between Web + Mobile + multiple api endpoints ? I have a massive issue setting up NextJS + React Native + a graphql endpoint with supertokens And I'm not able to disable the secure option I don't know why. My main problem is I can't use localhost because the mobile simulator do not have access to it. Any suggestions about how to desactivate all checks on SameSite and Secure cookies for dev ?
n

nkshah2

11/07/2022, 1:49 AM
Can you try using your IP as the api domain when you initialise SuperTokens on the backend?
r

rp

11/07/2022, 4:48 AM
So the frontend is not sending any cookies during the sign out request.
That’s the issue
But the interception is still happening. @nkshah2 when can this happen? When does the react native cookie handler not return cookies?
n

nkshah2

11/07/2022, 4:54 AM
Just to clarify, what did you mean by it not working if you use the IP everywhere?
Also you do not need to explicitly set cookie domain, it should work without that
k

Kubessandra

11/07/2022, 11:06 AM
I will try this, and keep you up to date
By the way I need to use the cookie domain no if I have two multiple endpoint ?
One for my GraphQL API and one For my Auth API
Next API
js
const appInfo = {
  appName: 'burdo',
  apiDomain: 'http://192.168.1.33:3000',
  websiteDomain: 'http://localhost:3000',
  apiBasePath: '/api/auth',
  websiteBasePath: '/auth',
}
js
// ----
      SessionNode.init({
        cookieDomain: '.192.168.1.33:3000', 
      }),
// ----
Front config:
js
export const initSuperToken = () => {
  if (typeof window !== 'undefined') {
    // we only want to call this init function on the frontend, so we check typeof window !== 'undefined'
    const appInfo = {
      appName: 'burdo',
      apiDomain: window.location.origin,
      websiteDomain: window.location.origin,
      apiBasePath: '/api/auth',
      websiteBasePath: '/auth',
    }

    console.log('initSuperToken', appInfo)
    SuperTokensReact.init(frontendConfig(appInfo))
  }
}
Here are my configs, When using it like that everything is working fine if I access my website with http://192.168.1.33:3000 But if I access it with http://localhost:3000 the cookie will not be set because the DOMAIN is not the same
r

rp

11/07/2022, 1:34 PM
Can you remove
cookieDomain: '.192.168.1.33:3000',
from the backend session.init?
just keep it as
Session.init()
k

Kubessandra

11/07/2022, 2:03 PM
Yes but if I remove it, it will be impossible for me to pass the cookie to my GraphQL API that is on a subdomain, and it will set the Cookie to localhost (not passing the cookie to my other subdomains) Maybe I need to setup the cookie domain only for Production
And it will set the cookie for the website -> localhost Set the cookie for the mobile -> 192.168.1.33
r

rp

11/07/2022, 2:03 PM
hmm. Yea. That would be right. cookieDomain just for prod - something like
.mydomain.com
k

Kubessandra

11/07/2022, 2:04 PM
Yes, this is .burdo.io in my production everything is working fine, the real problem is only in dev, because of the mixing of domains created by using a mobile app and not having access to localhost
r

rp

11/07/2022, 2:04 PM
yea. We will be updating the appInfo config to be more poswerful to allow for multiple URLs sometime next year
k

Kubessandra

11/07/2022, 2:05 PM
I don't think you can have multiple domain for the cookie attribute
r

rp

11/07/2022, 2:05 PM
oh yea, you can't. But it would allow you to set different cookieDomain for cookies for different clients
k

Kubessandra

11/07/2022, 2:06 PM
Oh yes I see, or maybe just a boolean option
allowSubdomain
taking the Host automatically and forwarding it to the Cookie domain
r

rp

11/07/2022, 2:06 PM
hmm
well, anyway. That's for later
for now, i guess you have your solution?
k

Kubessandra

11/07/2022, 2:08 PM
Yes I have a workaround thanks, just wanted to find the best DX possible for this. I will create a quick PR for the
allowSubdomain
thing and see Thank for the quick response and help on this
Ok so, I did one last test and yes setting everything in localhost and removing the cookie domain is working. I just have to set the IP on the mobile side now. DX resolved 👌